Digital Safety and Account Discovery

ABSTRACT

Methods, computer-readable media, software, and apparatuses may assist a consumer in keeping track of a consumer&#39;s accounts in order to prevent unauthorized access or use of the consumer&#39;s identified accounts. To discover the various accounts, the methods, computer-readable media, software, and apparatuses can monitor at least a consumer&#39;s email accounts, web browser history, and web cache. The discovered accounts may be displayed to the consumer along with recommendations and assistance for closing unused or unwanted accounts to prevent unauthorized access or use.

This application is a continuation-in-part of and claims priority toU.S. patent application Ser. No. 15/331,434, filed on Oct. 21, 2016;which in turn is a continuation-in-part and claims priority to U.S.patent application Ser. No. 15/150,955, filed on May 10, 2016. Theseapplications are incorporated herein by reference in its entirety.

FIELD OF ART

Aspects of the disclosure generally relate to methods and computersystems, including one or more computers particularly configured and/orexecuting computer software. More specifically, aspects of thisdisclosure relate to systems for identifying, categorizing, and managingonline accounts.

BACKGROUND

Protecting confidential information in today's online environment isdifficult due to the increased connectivity and the increased number ofconsumer accounts accessible via web enabled computing devices.Consumers today have a large number of online subscriptions and keepingtrack of all of them is difficult and time consuming. Many consumershave subscriptions and financial accounts that they have long forgottenabout but those subscriptions and financial accounts may still be activeand accessible online. It is important from a digital safety perspectivethat consumer be aware of all of their online accounts and be diligentin closing unused or no longer wanted subscriptions.

Further, as consumers continue to gain an ever-increasing presence inonline environments, there will be an ever-present need to betterprotect consumers from confidential information being breached (e.g.,made available publicly) in order to protect consumers from fraud and/orother harms.

BRIEF SUMMARY

In light of the foregoing background, the following presents asimplified summary of the present disclosure in order to provide a basicunderstanding of some aspects of the invention. This summary is not anextensive overview of the invention. It is not intended to identify keyor critical elements of the invention or to delineate the scope of theinvention. The following summary merely presents some concepts of theinvention in a simplified form as a prelude to the more detaileddescription provided below.

Aspects of the disclosure address one or more of the issues mentionedabove by disclosing methods, computer readable storage media, software,systems, and apparatuses for use by a consumer in order to keep track ofa consumer's accounts and to prevent unauthorized access or use of theconsumers identified subscriptions and financial accounts. Thediscovered subscriptions and financial accounts may be listed anddisplayed to the consumer along with recommendations and assistance forclosing any discovered unused or unwanted financial accounts andsubscriptions. The described cyber-security system may preventunauthorized access, use, and security breaches by unauthorized usersand devices of the consumer's accounts.

In some aspects, the cyber-security system may include a cyber-securityaccount analysis system and a cyber-security data processing system. Thecyber-security system may include at least one processor and a memoryunit storing computer-executable instructions. The cyber-security systemmay be configured to, in operation, generate a consumer profile based onconsumer information, scan a consumer device to determine potentialsecurity threat, and associate the consumer device and the results ofthe scan with the generated consumer profile. The cyber-security systemmay also be configured to, in operation, monitor at least one emailaccount of the consumer. The cyber security system may be configured to,in operation, determine source information for each email correspondencein the monitored at least one email account. Based on the determinedsource information for each email correspondence, the cyber-securitysystem may generate a list of financial institutions and otherbusinesses associated with the consumer. The cyber-security system may,in operation, also determine for each email correspondence a likelihoodthat each email correspondence represents an account of the consumer.Based on the determined likelihood that each email correspondencerepresents a subscription of the consumer, the cyber-security system maygenerate a list of accounts associated with the consumer.

In other aspects, the cyber-security system may also be configured to,in operation, monitor at least a consumer's internet browser history andinternet browser cache in addition to a consumer's email accounts. Thecyber security system may be configured to, in operation, generate alist of financial institutions and other businesses associated with theconsumer based on a consumer's internet browser history and internetbrowser cache. Using the various lists of financial institutions andother businesses created from the analysis of a consumer's email,browser history, and browser cache, the cyber-security system may, inoperation, also determine the likelihood whether a consumer has anaccount to the various financial institutions and other businesses.

The cyber-security system may, in operation, recommend closing accountsassociated with the consumer based on security recommendations. Thecyber-security system may also, in operation, assist or automate closingof any selected accounts. The cyber-security system may also inoperation, assist or automate updating personal information containedwithin any of the selected accounts, such as updating a consumer'saddress after a move across all of the consumer's selected accounts.

Of course, the methods and systems of the above-referenced embodimentsmay also include other additional elements, steps, computer-executableinstructions, or computer-readable data structures. In this regard,other embodiments are disclosed and claimed herein as well. The detailsof these and other embodiments of the present invention are set forth inthe accompanying drawings and the description below. Other features andadvantages of the invention will be apparent from the description,drawings, and claims.

BRIEF DESCRIPTION OF THE DRAWINGS

The present invention is illustrated by way of example and is notlimited by the accompanying figures in which like reference numeralsindicate similar elements and in which:

FIG. 1 illustrates an example cyber-security device that may be used inaccordance with one or more aspects described herein.

FIG. 2 shows a block diagram illustrating the system architecture for acyber-security system in accordance with one or more aspects describedherein.

FIG. 3 illustrates a block diagram of a cyber-security system thatcollects information from various information data sources to assist aconsumer in keeping track of numerous accounts in accordance with one ormore aspects described herein.

FIG. 4 illustrates an example user interface displaying an examplerating screen in accordance with one or more aspects described herein.

FIG. 5 illustrates an exemplary method for identifying and categorizingaccounts associated with a consumer in accordance with one or moreaspects described herein.

FIG. 6 illustrates an exemplary method for identifying and categorizingaccounts associated with a consumer in accordance with one or moreaspects described herein.

DETAILED DESCRIPTION

In accordance with various aspects of the disclosure, methods,computer-readable media, software, and apparatuses are disclosed forprotecting consumers against data breaches and unauthorized use ofaccounts. A consumer may be presented with a wide range of consumerrisks, including cyber-extortion (e.g., ransomware), false/fraudulentaccount creation, credit card theft, credit score reduction, bankingtheft, and tax fraud. By monitoring and providing a user with acomprehensive listing of all of their subscriptions and financialaccounts, a cyber-security system can assist a user in closing unused orunwanted accounts preventing unauthorized use or loss of confidentialdata from those listed subscriptions and financial accounts.

In the following description of the various embodiments of thedisclosure, reference is made to the accompanying drawings, which form apart hereof, and in which is shown by way of illustration, variousembodiments in which the disclosure may be practiced. It is to beunderstood that other embodiments may be utilized and structural andfunctional modifications may be made.

In one or more arrangements, aspects of the present disclosure may beimplemented with a computing device. FIG. 1 illustrates a block diagramof an example cyber-security device 100 that may be used in accordancewith aspects described herein. The cyber-security device 100 may be acomputing device, such as a personal computer (e.g., a desktopcomputer), server, laptop computer, notebook, tablet, smartphone,vehicles, home management devices, home security devices, smartappliances, etc. The cyber-security device 100 may have a datacollection module 101 for retrieving and/or analyzing data as describedherein. The data collection module 101 may be implemented with one ormore processors and one or more storage units (e.g., databases, RAM,ROM, and other computer-readable media), one or more applicationspecific integrated circuits (ASICs), and/or other hardware components(e.g., resistors, capacitors, power sources, switches, multiplexers,transistors, inverters, etc.). Throughout this disclosure, the datacollection module 101 may refer to the software and/or hardware used toimplement the data collection module 101. In cases where the datacollection module 101 includes one or more processors, such processorsmay be specially configured to perform the processes disclosed herein.Additionally, or alternatively, the data collection module 101 mayinclude one or more processors configured to execute computer-executableinstructions, which may be stored on a storage medium, to perform theprocesses disclosed herein. In some examples, cyber-security device 100may include one or more processors 103 in addition to, or instead of,the data collection module 101. The processor(s) 103 may be configuredto operate in conjunction with data collection module 101. Both the datacollection module 101 and the processor(s) 103 may be capable ofcontrolling operations of the security monitoring device 100 and itsassociated components, including RAM 105, ROM 107, an input/output (I/O)module 109, a network interface 111, and memory 113. For example, thedata collection module 101 and processor(s) 103 may each be configuredto read/write computer-executable instructions and other values from/tothe RAM 105, ROM 107, and memory 113.

The I/O module 109 may be configured to be connected to an input device115, such as a microphone, keypad, keyboard, touchscreen, and/or stylusthrough which a user of the security monitoring device 100 may provideinput data. The I/O module 109 may also be configured to be connected toa display device 117, such as a monitor, television, touchscreen, etc.,and may include a graphics card. The display device 117 and input device115 are shown as separate elements from the cyber-security device 100;however, they may be within the same structure. On some cyber-securitydevices 100, the input device 115 may be operated by users to interactwith the data collection module 101, including providing userinformation and/or preferences, device information, account information,warning/suggestion messages, etc., as described in further detail below.System administrators may use the input device 115 to make updates tothe data collection module 101, such as software updates. Meanwhile, thedisplay device 117 may assist the system administrators and users toconfirm/appreciate their inputs.

The memory 113 may be any computer-readable medium for storingcomputer-executable instructions (e.g., software). The instructionsstored within memory 113 may enable the cyber-security device 100 toperform various functions. For example, memory 113 may store softwareused by the cyber-security device 100, such as an operating system 119and application programs 121, and may include an associated database123.

The network interface 111 allows the cyber-security device 100 toconnect to and communicate with a network 130. The network 130 may beany type of network, including a local area network (LAN) and/or a widearea network (WAN), such as the Internet, a cellular network, orsatellite network. Through the network 130, the cyber security device100 may communicate with one or more other computing devices 140, suchas laptops, notebooks, smartphones, tablets, personal computers,servers, vehicles, home management devices, home security devices, smartappliances, etc. The computing devices 140 may also be configured in asimilar manner as cyber-security device 100. In some embodiments thecyber-security monitoring device 100 may be connected to the computingdevices 140 to form a “cloud” computing environment.

The network interface 111 may connect to the network 130 viacommunication lines, such as coaxial cable, fiber optic cable, etc., orwirelessly using a cellular backhaul or a wireless standard, such asIEEE 802.11, IEEE 802.15, IEEE 802.16, etc. In some embodiments, thenetwork interface may include a modem. Further, the network interface111 may use various protocols, including TCP/IP, Ethernet, File TransferProtocol (FTP), Hypertext Transfer Protocol (HTTP), etc., to communicatewith other computing devices 140.

FIG. 2 shows a block diagram illustrating system architecture 200 for acyber-security system. A cyber-security system 201 may collectinformation from and transmit information to a consumer through variousdifferent channels such as a user mobile computing device 210, a usercomputing device 208, a password manager 206, banking application 218,and a web application 224. In some instances, the cyber-security system201 may be a cyber-security computing device 100. Cyber-security system201 may receive user data for its consumers through channels such ascustomer database 204, internet connected device 212, accountinformation system 226, and cyber-traffic event analysis system 222. Thecyber-security system 201 may communicate with one or more network-basedaccounts to detect information associated with a consumer account beingcommunicated through a network.

In some embodiments, cyber-security system 201 may collect informationfrom and transmit information to each of the various applications,databases, devices, and backend servers described in FIG. 2.Cyber-security system 201 may collect information about consumers suchas their real-time activity and interactions, predict the likelihood ofa data breach or unauthorized use of an account, and determinestrategies utilizing the various channels of communication with theconsumer so as to determine how to best engage the consumer and protectthe consumer from future threats. For example, cyber-security system 201may collect information about a local network associated with a consumerbased on receiving a network scan from the security monitoring software220. Cyber-security system 201 may analyze historic account informationreceived from the account information system 226 to determine thelikelihood of a data breach based on risk factors known for consumerswith similar habits and/or characteristics. Cyber-security system 201may determine that the user may be engaging in particularly riskybehavior, and may determine when to contact the consumer and throughwhich channel to contact the consumer to inform the consumer of thepotential for a data breach. Cyber-security system 201 may enable aplurality of different permutations of strategies such as the aboveexample by being able to sense real-time consumer actions andconsumer-related data flow through various different channels. Byanalyzing data relevant to that consumer, the cyber-security system 201may inform various channels that it is communicatively coupled toregarding consumer-associated risks.

In some embodiments, cyber-security system 201 may communicate with auser (e.g., a consumer) and gather user data through banking application218. Cyber-security system 201 may collect user data from interactionsof the user with the user interface of the banking mobile application218. The banking application 218 may allow the user to manage accountpreferences, manage financial accounts, view recent transactions, and/orreview suspicious behavior. Cyber-security system 201 may trackinteractions with banking applications and/or receive notifications fromthe applications. For example, a notification regarding a recentsuspicious banking transaction may be sent from a banking server to thebanking application 218 and (either from the banking server or via thebanking application 218) forwarded to the cyber-security system 201.This may cause the cyber-security system 201 to inform the consumer ofthe suspicious activity.

In some embodiments, a password manager 206 may assist thecyber-security system 201 in determining the presence ofconsumer-associated accounts, and/or may assist the cyber-securitysystem 201 in determining the quality of credentials for theconsumer-associated accounts. A risk-factor for a data breach may be aconsumer who uses poor credentials (e.g., usernames, passwords,biometric information, etc.) for online accounts (e.g., weak passwords,using passwords for multiple accounts, a failure to use two-factorauthentication, etc.). The password manager 206 may inform thecyber-security system 201 of known accounts associated with the passwordmanager 206, as well as the status of the credentials associated withthose accounts. In some instances, the cyber-security system 201 maycompare the accounts known to the password manager 206 with otheraccounts known to the cyber-security system 201 to determine whataccounts are protected through password management.

In some embodiments, the customer may interact with the cyber-securitysystem 201 using the user computing device 208, web application 224,and/or user mobile computing device 210. The user may be able to viewtheir current security status, see listings of all of their financialaccounts and subscriptions, see updates regarding security issues, seekremediation of those issues, and/or undergo further training regardingsecurity practices. In some instances, if a data breach occurs, theconsumer may be presented an option to file an insurance claim for thesecurity breach via the cyber-security system 201 and/or through anassociated application.

In some embodiments, the cyber traffic event analysis system 222 maymonitor user activity on social media networks, the Internet in general,or the dark web (e.g., network-enabled websites with restrictedaddresses or accessibility such that the sites are not accessible usingstandard means, such as websites with no domain names that are hiddenfrom online search engines). In some instances, the cyber-traffic eventanalysis system 222 may determine how much of a consumer's confidential(e.g., private) information is available electronically. Confidentialinformation may comprise identity information such as name or birthday,marital status, family members, education, employment histories, onlineidentities (e.g., user names on a social media account), financialinformation (e.g., banking numbers, credit card numbers, etc.),traceable assets (real estate, vehicles, etc.), court records, or othersuch information. By searching for electronically available information,the system may determine a “digital footprint” (e.g., a trail of dataand information, available electronically and associated with theconsumer). For example, the cyber-traffic event analysis system 222 maydetermine that a consumer's home address is available on 3 social mediasites, 5 public web pages, and 2 dark web pages. The cyber-traffic eventanalysis system 222 may also search for instances where confidentialinformation has become available. For example, the cyber-traffic eventanalysis system may further determine that one of the dark web pages hasa credit card ending in “XXXX” associated with the consumer's address.The cyber-traffic event analysis system 222 may inform thecyber-security system 201 of its findings, and the cyber-security system201 may act on those findings. For example, the cyber-security system201 may determine that the credit card number corresponds to theconsumer, and push an alert to an application on the user's mobilecomputing device 210 notifying the user that their credit card numbermay have been breached.

In some embodiments, in addition to collecting user information frommobile applications and web applications, user information for consumersmay be collected from various other channels such as user computingdevice 208, user mobile computing device 210, and internet connecteddevice 212. The cyber-security system 201 may determine devicesassociated with the consumer. The cyber-security data processing systemmay determine characteristics of those devices, such as their operatingsystems, update history, software on the devices, hardwarecharacteristics, and so forth. The cyber-security system 201 may usethis information to determine if the number of devices and/orcharacteristics of the devices indicate a heightened threat of a databreach.

In some embodiments, the account information system 226 may maintain anddynamically update records of accounts for a consumer. For example, theaccount information system 226 may interface with social networkingaccounts associated with the consumer. If an account is breached (or ifsuspicious activity is detected), the cyber-security system 201 may benotified. The cyber-security system 201 may then notify the consumer,such as by sending an alert to a user computing device 208 and/or usermobile computing device 210.

In an embodiment, the collected user information may be used to generatea consumer profile for the consumer. The consumer profile may be updatedperiodically as new consumer information is gathered or received. In anembodiment, a consumer profile may be a categorization of what other orexternal entities know about the user such as what marketers know abouta user, information found on social media about the user, the home stateof the user and other potential categorizations.

FIG. 3 illustrates a block diagram of a cyber-security system thatcollects information from various information data sources to assist aconsumer in keeping track of numerous accounts. As shown in FIG. 3, thecyber-security system may communicate with a plurality of informationdata sources 304 a, 304 b, . . . 304 n to collect information related tothe consumer to determine next steps to best serve the consumer.

In some embodiments, the cyber-security system 201 may comprise acyber-security data processing system 202 and a cyber-security accountanalysis system 203. The cyber-security data processing system 202 mayretrieve information from the plurality of information data sources 304a-304 n in order to determine the digital presence of a consumer. Thedata retrieval engine 310 may be configured to monitor (e.g.,continuously monitor) each of the information data sources 304 a-304 nand report data of interest from any one of these data sources to thecyber-security system 201. For example, the data retrieval engine 310may monitor social media sources to determine if account informationassociated with the consumer is detected. If the information isdetected, it may be passed on to the cyber-security system 201 foranalysis. In another example, the data retrieval engine 310 mayinterface with one or more digital accounts (banking accounts, socialmedia accounts, digital storefronts, etc.) to determine if accounts arecreated, active, and/or in use. Account information may be passed on tothe cyber-security system 201.

In an embodiment, the collected information regarding a consumer may beused to determine an online presence for a consumer (e.g., the spread ofinformation or “footprint” left by a consumer in digital spaces).

In an embodiment, determined social media sources of the consumer may bemonitored to determine if something malicious or believed to breach theterms of use of the site has been detected. Such monitoring may detectunauthorized use of the consumer's social media accounts.

In an embodiment, cyber-security data processing system 202 may generatea consumer profile at profile engine 331. The consumer profile may begenerated using at least in part data received and/or collected frominformation data sources 304-304 n. The consumer profile may includedetails of the consumer including but not limited to a consumer's name,age, address, driver's license number, credit card or bank information,insurance policies, networked devices associated with the consumer etc.In an embodiment, the consumer may themselves enter additional orconfirm information found in their consumer profile through a mobileapplication or computing device interface. Additional information thatmay be entered by the consumer includes financial account details and orverification of online accounts used by a consumer.

In an embodiment, cyber-security data processing system 202 may scan aconsumer device to determine potential security threats. Based on thescan a device profile may be generated at profile engine 331. The deviceprofile may be analyzed to determine if the device has any knownvulnerabilities based on the installed hardware components and loadedsoftware applications. In an embodiment, the consumer device and theresults of the device scan may be added to the consumer's generatedprofile.

In some embodiments, the cyber-security system 201 may calculate riskbased on the data gathered from the information data sources 304 a-304n. For example, the insurance rules processing engine 312 may analyzethe data retrieved from information data sources 304 a-304 n by the dataretrieval engine 310 according to preset rules and/or algorithms inorder to determine the likelihood of a data breach based on the digitalpresence of the consumer.

In some embodiments, the cyber-security system 201 may determine whenand through which means to notify a consumer of the risks of a databreach and/or evidence of a data breach according to preset rules andstrategies calculated from the data gathered from the information datasources 304 a-n. For example, the user notification engine 314 maydetermine a time to contact the consumer with a message and/ornotification generated by the cyber-security system 201 upon analyzingthe activities of the consumer and processing such activities accordingto risk matrices maintained by cyber-security system 201.

In some embodiments, the cyber-security system 201 may manage thevarious activities of each consumer, and the status of various accountsassociated with the consumer. For example, the information managementsystem 316 may keep track of all of the information received frominformation data sources 304 a-304 n and may also manage a schedule ofmessage delivery by communicating with the user notification engine 314.In another example, the cyber-security system 201 may notify the userwhenever an account is accessed at an unexpected time and/or from anunexpected location.

In some embodiments, the cyber-security system 201 may determine whichchannel to use to communicate the decision of a strategy computed at thecyber-security system 201. For example, the information delivery engine318 may detect which mobile application accessible to the user is themost appropriate channel on which to deliver the type of informationthat is scheduled to be delivered to the consumer and/or other targetaudience.

In some additional embodiments, cyber-security account analysis system203 may generate a listing for the consumer of discovered onlineaccounts associated with the consumer. The accounts may be categorizedinto various groups such as financial accounts and subscriptionsassociated with the consumer. The categorized listings may assist aconsumer in keeping track of their numerous online accounts all of whichmay contain various forms of confidential information.

In an embodiment, cyber-security account analysis system 203 may monitora consumer's email accounts to determine a listing of the consumeraccounts with financial institutions. Similarly, a consumer's emailaccounts may also be monitored to determine the number of onlinesubscription accounts associated with the consumer.

In an embodiment, cyber-security account analysis system 203 maygenerate separate lists for a consumer listing all of the consumer'sdiscovered financial accounts and all of the consumer's onlinesubscriptions. The generated lists may be used to assist the consumer inclosing unused or wanted accounts in order to reduce the risk ofconfidential information being obtained and prevent unauthorized use ofaccounts a user may have long forgotten about. In another embodiment,cyber-security account analysis system 203 may upon discovery ofconsumer's accounts allow the consumer to globally change informationsuch as a consumer address or phone number across all of the discoveredaccounts simultaneously. The aggregation and consolidation mechanism ofthe present disclosure may allow a consumer to update and managenumerous accounts efficiently.

FIG. 4 illustrates a user interface 400 displaying an example ratingscreen for a digital safety score 405. In some examples, these userinterfaces may be generated by an application server, web application224, user computing device 208, and/or user mobile computing device 210.It should be understood that the user interface of FIG. 4 is designed toillustrate various features and aspects of the user interfaces and thesystem, and do not limit the visual appearance or layout of the userinterfaces. The mobile computing device 210 may be a smartphone, and theuser interface 400 may be part of a smartphone app. A shortcut may bepresented on a home screen (or desktop screen) of an operating systemexecuting the user interface 400.

A digital safety score 405 may be a rating and/or representation ofdifferent components which contribute to the risk of a data breach of anassociated consumer. The digital safety score 405 may be a numeric valuethat indicates the risk of a data breach. While the description hereinassumes a higher score reflects a lower chance of a data breach, anyalgorithm for determining the value may be used. For example, thedigital safety score 405 may comprise a value from 0 to 200, where analgorithm determines the value such that a higher value indicates alower risk of a data breach. In some instances, a lower number mayindicate lower risk. For example, a value from 0 to 100 may be assigned,wherein the value approximates the chance of a significant data breachwithin the next year.

The components depicted in user interface 400 are merely exemplarycomponents, and any number of components that affect the possibility ofa data breach may be used. The components may be represented with shapesthat correspond to their strength and/or impact. For example, trianglesor wedges may be sized in proportion to their impact versus othercomponents (e.g., larger shapes correspond to a larger impact thansmaller shapes). In another example, shapes may vary in size based onthe risk associated with each item (e.g., a larger shape may indicate anarea with higher associated risk). In some instances, a shaded ring orpie graph may be divided into different proportional sections for eachcomponent that contributes to the risk of a data breach. In someinstances, a combination of the above may be used. For example, thewidth of wedges may indicate the proportion of the score, while theheight may indicate whether the component has a positive or negativeimpact, and a ring around the wedges may indicate the proportion of amaximum score achieved.

A number of exemplary components are depicted in FIG. 4. An onlinepresence component 415 may indicate the online presence of a consumer.For example, a consumer may have 48 different accounts detected across arange of Internet services. The cyber-security system 201 may determinethat the relatively high number of accounts increases the potential riskof a data breach. Accounts may be associated with financial institutionsor may represent subscriptions or memberships associated with theconsumer. Accounts may be judged based on the type of account. Forexample, a large number of banking accounts may greatly increase therisk of a significant data breach, because a breach may result inimportant financial data being compromised. In another example, a largenumber of website accounts comprising only a username and password (suchas accounts on a cookbook website, a news website, a sports website,etc.) may be weighted less than a smaller number of banking accounts,because the impact of a data breach to the consumer may be minimalcompared to the impact of a breach regarding banking information. Insome instances, the usage of usernames and/or passwords may be trackedand used to determine a component of the digital safety score 405. Forexample, a password manager may report that three passwords are usedacross 48 accounts. This may greatly increase the danger of a databreach, as a breach of a password across one account may affect a largenumber of other accounts. In some instances, this may increase theprobability of a data breach, which may be reflected in the rating.

Some components may monitor devices and/or environments associated witha consumer. A network component 440 may indicate the quality ofnetworking security associated with a consumer. The cyber-securitysystem 201 may receive information indicating the types of devices on anetwork (e.g., switches, routers, etc.), the configurations of thedevices (e.g., encryption methods used, wireless vs. wired connections,software updates installed, credentials required for access, etc.),and/or how many devices are connected. For example, the cyber-securitysystem 201 may communicate with a home network associated with theconsumer to determine that the consumer has a wireless router with anon-default administrative password, a WPA2 encrypted SSID that is notbroadcast, two connected wireless devices, and a connected wired device.The cyber-security system cyber-security system 201 may determine arating based on the strength of the network and/or the potential for thenetwork to be breached. An antivirus component 420 may indicate thehealth of one or more devices associated with the consumer. An antivirusmay decrease the probability of a data breach by protecting softwareand/or hardware from malicious intrusions. The digital safety score 405may thus be increased for every device with an installed antivirus, andmay be lowered if a problem is detected. A devices component 435 mayindicate risks associated with the number of and/or quality of devicesassociated with a consumer. A consumer may be more at risk for a databreach if more devices with access to consumer accounts exist. Forexample, the cyber-security system 201 may determine that an old,forgotten tablet with an outdated operating system is associated withthe user. The tablet may present an intrusion point due to unpatchedvulnerabilities. Thus, the tablet may reduce the digital safety score405.

An applications component 430 may also impact the digital safety score405. The cyber-security system 201 may receive information from one ormore connected services. For example, a credit monitoring service mayreport fraudulent activity on a credit card, which may decrease thedigital safety score. In another example, a consumer identify protectionservice may provide information on whether any breaches have beendetected by their service, which may affect the score.

A training component 425 may adjust the digital safety score 405 basedon training conducted by the consumer. A consumer may be able to watchtraining videos, read articles, take quizzes, or listen to audioregarding cyber-security. For example, the user may be able to interactwith the displayed training component to see options for training. Ifthe user engages in training items, the user may be rewarded through anincreased digital safety score. This may help encourage the user to stayinformed regarding best practices for cyber-security.

In some instances, accounts may be centrally consolidated and/orcancelled. Accounts may be consolidated in the listing, such as byproviding a centralized login for multiple accounts. For example, aservice provider associated with the cyber-security system 201 mayprovide a centralized login screen with a consolidated username andpassword. A consumer may select accounts from the listing of detectedaccounts with which to use the centralized login screen. The consumermay also select unwanted accounts from the listing for cancellation. Insome instances, the cyber-security system 201 may direct the consumer toa web page associated with each account for cancelling each account. Inother instances, the cyber-security system 201 may process theselections by coordinating with one or more services to cancel accounts.This may have the advantage of reducing the digital footprint for aconsumer by reducing the number of active accounts.

In an embodiment, cyber-security system 201 may initiate a scan forconsumer accounts. The cyber-security system 201 may request logininformation from the consumer. Accounts may be determined according toone or more methods. For example, the consumer may supply thecyber-security system 201 with identifying information, such as a name,date of birth, address, social security number, or other suchinformation. The cyber-security system 201 may integrate with one ormore services (such as social media websites, banking websites, etc.)which may inform the cyber-security system 201 whether the identifyinginformation corresponds to an account on each service. In anotherexample, the consumer may register to receive a digital safety score. Aspart of the registration, the consumer may be presented with a list ofaccounts, and may be asked to give credentials for the accounts. In yetanother example, the consumer may supply the cyber-security system 201with access to an aggregation service, such as a password manager, whichmay identify known accounts and/or credentials for each account. Someaccounts, such as accounts with a credit monitoring service and/oridentity protection service, may supply data indicating risk. In someinstances, the cyber-security system 201 may find account data acrossnumerous services and bring the data from all the services together sothat it may bind the data into a value.

In an embodiment, the cyber-security system 201 may scan for devicesassociated with the consumer. The cyber-security system 201 may identifydevices on a network associated with the consumer and/or devicesassociated with the consumer's credentials. For example, thecyber-security system 201 may initiate a network scan which may identifydevices along a network and information corresponding to each device(e.g., device type, model numbers, operating systems, software versions,applications installed on the devices, network capabilities, etc.).

In another embodiment, the cyber-security system 201 may search fordigitally-available information associated with the consumer (e.g., anonline presence associated with the consumer). The cyber-security system201 may initiate a scan for digitally-available information, such as byinstructing the cyber-traffic event analysis system 222 to scan forconsumer information (addresses, credit card numbers, credentials,social security numbers, etc.) that correspond to the consumer. In someinstances, the cyber-traffic event analysis system may continuallycompile consumer data based on data found on the Internet. For example,the cyber-traffic event analysis system may monitor dark web pages forcredit card numbers, addresses, phone numbers, etc. The cyber-securitysystem 201 may also collect activity data associated with the consumer.For example, the cyber-security system 201 may track how often, on whatdevices, and/or where a consumer conducts banking transactions. Aconsumer may be penalized if the consumer conducts banking on a train,where other individuals may be able to more easily view the consumer'sconfidential banking information.

In yet another embodiment, the cyber-security system 201 may compare theconsumer information with data known to correspond to the consumer. Insome instances, the cyber-security system 201 may determine if datacompiled by the cyber-traffic event analysis system matches dataassociated with the consumer. For example, the cyber-security system 201may determine if a credit card number previously found on a dark webpage and stored in a database of detected credit card numbers matches acredit card number entered by the consumer.

In an embodiment, the cyber-security system 201 may determine a valueassociated with the consumer. The cyber-security system 201 may use oneor more algorithms to determine a value based on consumer accounts,consumer devices, online presence data, or other collected information.The cyber-security system 201 may compare the compiled data against riskmatrices to determine the likelihood of a data breach based on thecollected data. For example, a user with a large number of devices andaccounts may have a high probability of a data breach and be assigned alow value.

In an embodiment, the cyber-security system 201 may update a marketplacewith the value. Risk information (e.g., a value and/or the informationfrom which the value is derived) may be a valuable tool for determiningthe risk of a data breach associated with a consumer. For example, thevalue may indicate that there is a 20% chance that a consumer will fallvictim to credit card fraud within the next six months.

A marketplace may be established for buying and selling riskinformation. For instance, an insurance marketplace may allow insuranceproviders to access risk information from the cyber-security system 201.Insurance providers and/or underwriters may establish cyber-fraudinsurance policies based on the risk information. For example, aninsurance provider may offer an insurance policy to the consumer thatprotects against fraudulent transactions based on the risk information.If a consumer incurs financial damage as a result of a data breach (forexample, the consumer is subjected to credit card fraud), the insurancepolicy may compensate the consumer for some or all financial lossesincurred.

Premiums and/or deductibles for insurance policies may be establishedbased on the risk information and/or value associated with a potentialfor data breach of a consumer's data. For example, a consumer with ahigh value may be charged a higher premium than a consumer with a lowvalue.

In some instances, the risk information may be collected and used todetermine behavioral patterns for a class of consumer. Over time, thecyber-security system 201 may determine the behavioral patterns based ondetecting associations between different data points known to thecyber-security system 201. For example, the cyber-security system 201may determine that individuals with more than two credit card numbersdetected on the Internet have a 65% chance of credit card fraud, whileindividuals with two or less credit card numbers detected on theInternet have a 38% chance of credit card fraud. The cyber-securitysystem 201 may continually iterate on this information to determine moreand/or more accurate associations and/or patterns. For example, usingdata collected over time, the cyber-security system 201 may determinethat individuals with at least 5 active social networking accounts havea 15% greater chance of suffering from tax fraud than individuals withless than 5 active social networking accounts. Thus, the cyber-securitysystem 201 may determine an increased chance of tax fraud when aconsumer registers a fifth social networking account (and, in someinstances, provide a notification to a user and/or service providerafter the fifth social networking account is registered).

In some instances, the determined, resultant behavioral datarepresenting the behavioral patterns and/or the data used to determinebehavioral patterns may be made available through the marketplace. Adatabase of patterns may be made available detailing the risksassociated with given behaviors (e.g., the risk of a data breach basedon a given digital footprint). An insurer may pay to have access to amarketplace of the data in order to better tailor insurance products fora consumer based on associated risk. For example, the insurer mayincrease premiums for all customers by 7% because the data used todetermine behavioral patterns indicates an overall 7% increase incyber-crime in the past 18 months. In some instances, a governmentalentity, such as law enforcement, may subscribe to the marketplace inorder to determine how best to predict, identify, and/or react tocyber-crime. Data may also be used for advertising purposes. Anadvertiser may use the data to associate online activity withdemographic information for targeted advertising. For example, anadvertiser may determine a demographic of consumers aged 20-28 with atleast 6 social networking accounts in order to conduct a targetedadvertising campaign for a new social network. In another example, apost-card company may determine a list of consumers with no socialnetworking accounts for mailing an advertisement comprising a selectionof post-cards.

In some instances, access to the marketplace may be restricted and/orincur a fee. For example, a fee may be charged to access riskinformation collected by the cyber-security system 201. In someinstances, the cyber-security system 201 may collect information from avariety of sources (e.g., credit monitoring services, identity theftprotection services, consumer information protection services, etc.),and store the combined information in a database. In some instances, aseparate fee may be charged for access to only a subset of the databaseinformation.

In another embodiment, the cyber-security system 201 may determine if anaction event has been detected. An action event may comprise a detectedchange in a consumer account and/or detection of a data breach. Forexample, the cyber-traffic event monitoring system 222 may detect that acredit card number associated with a consumer with a known value hasbeen published on a website.

In some instances, an action event may be an action taken by theconsumer. A consumer may register a new account online, open up a newfinancial service account, start using a password manager, connect a newdevice, or undergo cyber-security training. As a result of the action,the cyber-security system 201 may wish to adjust the value. For example,by adding additional accounts online, the consumer may be moresusceptible to a data breach and the value may be lowered. In anotherexample, the consumer may perform cyber-security training, and may berewarded with a higher value.

In another embodiment, the cyber-security system 201 may notify theconsumer of the action event. To reduce the impact of a data breach, itmay be advantageous to notify the consumer and/or services associatedwith the data breach. For example, the cyber-security system 201 maytrigger a notification to appear on a user mobile computing device 210indicating that credentials have been leaked for an account. In anotherexample, the cyber-security system 201 may notify a credit card companythat a credit card number for the consumer was detected on the dark web.The consumer and/or service provider may then take action to reduce anypotential damage resulting from the data breach.

In another embodiment, the cyber-security system 201 may adjust thevalue. Information indicating if a breach is more or less likely tooccur may affect a value. In some instances, an actual data breach mayindicate that a breach is more likely to occur in the future, loweringthe value. For example, if a data breach has occurred, the value may belowered. In another example, a value may be raised when a user deletesold social media accounts that the consumer no longer uses. In yetanother example, a value may be raised when a user enacts strongerprivacy policies on accounts, such as social media accounts.

FIG. 5 depicts a method for assisting a consumer in keeping track of aconsumer's accounts in order to prevent unauthorized access or use ofthe consumers identified subscriptions and financial accounts. Thediscovered subscriptions and financial accounts may be displayed to theconsumer along with recommendations and assistance for closing unused orunwanted financial accounts and subscriptions to prevent unauthorizedaccess or use.

At step 505, cyber-security system 201 may generate a consumer profilebased on received and collected consumer information. The consumerinformation may be collected by cyber-traffic event analysis system 222which may continuously scan for updated consumer information (addresses,credit card numbers, credentials, social security numbers, etc.).

At step 510, cyber-security system 201 may scan a consumer device todetermine potential security threats. The cyber-security system 201 maydetermine characteristics of any discovered device. The determinedcharacteristics may include operating system version, update history,installed software, hardware characteristics, and so forth.

At step 515, cyber-security system 201 may associate the consumer deviceand the results of the scan with the generated consumer profile. In anembodiment, cyber-security system 201 may update the consumer profilebased on the results of the scan.

In accordance with another embodiment, cyber-security system 201 at step520 may monitor at least one email account of the consumer. A consumer'semail password and access information may have been provided by theconsumer during an account setup process. The cyber-security system 201may parse the metadata found in each email header to determine sourceinformation for each email correspondence in the consumer's emailaccount. The parsed metadata may include a domain name identifying thesource of the email correspondence. In an embodiment, monitoring of theconsumer's email account may be limited to a consumer's inbox orspecified folders containing email correspondence. In an embodiment,based on the determined source information for each emailcorrespondence, cyber-security system 201 may at step 530 generate alist of financial institutions and other businesses associated with aconsumer. In one embodiment, this list may also be created using theanalysis of a consumer's email and checking the information againstapplication programming interfaces, such as Yodlee. The list offinancial institutions and other businesses may be verified with theconsumer profile or other gathered information regarding the consumer.The list of financial institutions and other businesses may be displayedto the consumer.

At step 535, cyber-security system 201 may determine for each emailcorrespondence a likelihood that each email correspondence represents anaccount of the consumer. Cyber-security system 201 may in at least oneembodiment, determine that an email contains references to an existingaccount based on results from a pattern recognition algorithm, such asnatural language processing. The pattern recognition algorithm maysearch for various words, phrases, or other identifiable criteria. Forinstance, the pattern recognition algorithm may search for the wordunsubscribe in an email correspondence indicating that the emailcorrespondence is associated with an existing account.

In another embodiment, based on the determined likelihood that eachemail correspondence represents a subscription of the consumer,cyber-security system 201 at step 540 may generate a list of accountsassociated with the consumer. The generated list of accounts may bedisplayed to the consumer and stored in the consumer profile record.

In an embodiment, cyber-security system 201 may automatically initiateclosing of select accounts listed in one of the generated lists based onpredetermined criteria. For instance, cyber-security system 201 mayclose accounts which have not been accessed for a predetermined periodof time such as greater than one year. In another embodiment,cyber-security system 201 may generate recommendations based on theidentification of the sources of the accounts. In another embodiment,the consumer may determine that various accounts should be closed basedon a review of the listings. In this case, a consumer may indicate via auser interface that various accounts should be closed and cyber-securitysystem 201 may begin an account closing process for the consumer.

In an embodiment, a consumer's email account may be monitored at apredetermined frequency in order to update the account listings. Thenewly generate lists may be compared to previously generated listshighlighting changes for the consumer. In this way, the process isiterative. In addition, cyber-security system 201 may identify highsecurity risk accounts and immediately communicate those high riskaccounts to the consumer.

In yet another embodiment, cyber-security system 201 may learn toidentify false positives as it repeatedly scans email accounts andreceives feedback from consumers. In another embodiment, consumers maybe able to identify accounts that should remain open though they are notfrequently utilized. These accounts may be selected by the consumer viaa user interface so that false positives are further reduced.

FIG. 6 depicts another method for assisting a consumer in keeping trackof a consumer's accounts in order to prevent unauthorized access or useof the consumers identified subscriptions and financial accounts. Atstep 605, cyber-security system 201 may generate a consumer profilebased on received and collected consumer information. The consumerinformation may be collected by cyber-traffic event analysis system 222which may continuously scan for updated consumer information (addresses,credit card numbers, credentials, social security numbers, etc.).

At step 610, cyber-security system 201 may scan a consumer device todetermine potential security threats. The cyber-security system 201 maydetermine characteristics of any discovered device. The determinedcharacteristics may include operating system version, update history,installed software, hardware characteristics, and so forth.

At step 615, cyber-security system 201 may associate the consumer deviceand the results of the scan with the generated consumer profile. In anembodiment, cyber-security system 201 may update the consumer profilebased on the results of the scan.

At step 620, cyber-security system 201 may monitor at least one emailaccount of the consumer. A consumer's email password and accessinformation may have been provided by the consumer during an accountsetup process. At step 625, the cyber-security system 201 may parse themetadata found in each email header to determine source information foreach email correspondence in the consumer's email account. The parsedmetadata may include a domain name identifying the source of the emailcorrespondence. In an embodiment, monitoring of the consumer's emailaccount may be limited to a consumer's inbox or specified folderscontaining email correspondence. Cyber-security system 201 may alsodetermine that an email contains references to an existing account basedon results from a pattern recognition algorithm, such as naturallanguage processing. The pattern recognition algorithm may search forvarious words, phrases, or other identifiable criteria. For instance,the pattern recognition algorithm may search for the word unsubscribe inan email correspondence indicating that the email correspondence isassociated with an existing account. Based on the analysis of aconsumer's email correspondence, cyber-security system 201 may at step630 generate a list of businesses a consumer may have an account with.In one embodiment, this list may also be created using the analysis of aconsumer's email and checking the information against applicationprogramming interfaces, such as Yodlee.

At step 635, cyber-security system 201 may monitor a consumer's webbrowser history, including cookies. This could be done over a consumer'svarious browsers (e.g., Chrome, Internet Explorer, Firefox). At step640, the cyber-security system 201 may analyze which websites a consumervisited, which websites stored cookies on a consumer's device, howfrequently a consumer visited specific websites, or how recently aconsumer visited a website. Based on a consumer's web browsing activity,cyber-security system 201 may generate a list of businesses associatedwith a consumer (i.e., step 645). Further, cyber-security system 201 mayorder the list of businesses associated with a consumer based onlikelihood the consumer has an account with a particular business. Forinstance, websites that the consumer visits more frequently and/or morerecently may be placed higher on the list as they may indicate astronger likelihood the consumer has an account with that particularbusiness. In one embodiment, this list may also be created using theanalysis of a consumer's web browser history and checking theinformation against application programming interfaces, such as Yodlee.

At step 650, cyber-security system 201 may monitor a consumer's webcache. This, again, could be done over a consumer's various browsers(e.g., Chrome, Internet Explorer, Firefox). At step 655, thecyber-security system 201 may analyze consumer's cache to pass alongdata to create generate a list of businesses associated with a consumer(i.e., step 660). In one embodiment, this list may also be created usingthe analysis of a consumer's web cache and checking the informationagainst application programming interfaces, such as Yodlee.

At step 665, cyber-security system 201 analyzes the three listsgenerated from steps 630, 645, and 660 to determine a likelihood thateach business represents a business the consumer has an account with.Cyber-security system 201 may in at least one embodiment, determine thata consumer has an account with a certain business because it appears onall three lists. Alternatively, a business that only appears on the listassociated with a consumer's browser history would not indicate theconsumer has an account with that business. Cyber-security system 201may place different weights on the various lists in determining whethera consumer has an account with a certain business. For instance,cyber-security system 201 may determine a consumer has an account with aparticular business if that particular business appears on the listsgenerated from the analysis of a consumer's email and web browsinghistory. In comparison, cyber-security system 201 may determine aconsumer does not have an account with a particular business even thoughthat particular business appears on the lists generated from theanalysis of a consumer's web browsing history and web cache.

In an alternative embodiment, cyber-security system 201 uses the listsgenerated in steps 645 and 660 to verify the list generated in step 630,which was based on the analysis of a consumer's email account. In thisembodiment, cyber-security system 201 uses the lists generated at steps645 and 660 to filter out false positives and increase the accuracy ofthe list generated in step 630.

At step 670, cyber-security system 201 generates a summary list based onits analysis in step 665. This list of businesses may be categorized atleast by type, subject matter, or nature of use to provide an indicationof how a consumer uses the internet. This list of businesses may also beverified with the consumer profile or other gathered informationregarding the consumer. The list of businesses may be also displayed tothe consumer.

In another embodiment, based on the determined likelihood that aconsumer has an account with each business, cyber-security system 201may generate a list of businesses associated with the consumer andpossible accounts. The generated list of associated businesses andpossible accounts may be displayed to the consumer and stored in theconsumer profile record. This list of associated businesses and possibleaccounts may be categorized at least by type, subject matter, or natureof use to provide a picture of how a consumer uses the internet. Inanother embodiment, cyber-security system 201 may include which possibleaccounts store data, including what type of data is stored. In thismanner, cyber-security system 201 is able to assess how exposed aconsumer's personal data is exposed online and share that informationwith the consumer.

In an embodiment, cyber-security system 201 may automatically initiateclosing of select accounts listed in one of the generated lists based onpredetermined criteria. For instance, cyber-security system 201 mayclose accounts which have not been accessed for a predetermined periodof time such as greater than one year. In another embodiment,cyber-security system 201 may generate recommendations based on theidentification of the sources of the accounts. In another embodiment,the consumer may determine that various accounts should be closed basedon a review of the listings. In this case, a consumer may indicate via auser interface that various accounts should be closed and cyber-securitysystem 201 may begin an account closing process for the consumer.

In yet another embodiment, cyber-security system 201 may include systemsor methods to detect account breaches. These systems would monitor aconsumer's accounts to determine whether an account had been breached.If the system determined a breach of an account had occurred,cyber-security system 201 would then analyze the impact of the breachand whether it affects multiple accounts of the consumer. Cyber-securitysystem 201 would then provide the consumer with a notice of the breachas well as the extent of the breach. The consumer may then instructcyber-security system 201 to close the compromised account. The consumermay then determine which compromised accounts should be closed. In thiscase, a consumer may indicate via a user interface that various accountsshould be closed and cyber-security system 201 may begin an accountclosing process for the consumer. In an alternative embodiment,cyber-security system 201 may automatically initiate the closing of anycompromised accounts. Cyber-security system 201 would then provide theconsumer with a notice of the breach, the extent of the breach, andconfirmation of the closing of accounts.

In a further embodiment, cyber-security system 201 may determine thefrequency of a consumer's use of accounts. This determination would addto cyber-security system 201's assessment of a consumer's online riskexposure. This would allow cyber-security system 201 to determine theappropriate solution to a possible risk. This risk determination andpossible solutions may be displayed to the consumer. Alternatively,cyber-security system 201 may automatically initiate what it determinesare the appropriate solutions to lessen a consumer's online riskexposure.

In an embodiment, a consumer's email account, web browsing history, andweb cache may be monitored at a predetermined frequency in order toupdate the account listings. The newly generate lists may be compared topreviously generated lists highlighting changes for the consumer. Inthis way, the process is iterative. In addition, cyber-security system201 may identify high security risk accounts and immediately communicatethose high risk accounts to the consumer.

In another embodiment, cyber-security system 201 may learn to identifyfalse positives as it repeatedly scans the various consumer informationand receives feedback from consumers. In another embodiment, consumersmay be able to identify accounts that should remain open though they arenot frequently utilized. These accounts may be selected by the consumervia a user interface so that false positives are further reduced.

Aspects of the invention have been described in terms of illustrativeembodiments thereof. Numerous other embodiments, modifications, andvariations within the scope and spirit of the appended claims will occurto persons of ordinary skill in the art from a review of thisdisclosure. For example, one of ordinary skill in the art willappreciate that the steps illustrated in the illustrative figures may beperformed in other than the recited order, and that one or more stepsillustrated may be optional in accordance with aspects of the invention.

What is claimed is:
 1. A cyber-security system comprising acyber-security account analysis system and a cyber-security dataprocessing system, wherein the cyber-security system includes: aprocessor; a memory unit storing computer-executable instructions, whichwhen executed by the processor, cause the cyber-security data processingsystem to: generate a consumer profile based on consumer information;scan a consumer device to determine potential security threats;associate the consumer device and the results of the scan with thegenerated consumer profile; wherein the cyber-security account analysissystem is configured to: monitor at least one email account; determinesource information for each email correspondence in the monitored atleast one email account; based on the determined source information foreach email correspondence, generate a separate list of businessesassociated with a consumer; monitor a consumer's web browsing historyinformation; analyze the consumer's web browsing history information todetermine a group of businesses associated with a consumer; based on theanalysis of the consumer's web browsing history information, generate aseparate list of businesses associated with a consumer; monitor aconsumer's web cache; analyze the consumer's web cache to determine agroup of businesses associated with a consumer; based on the analysis ofthe consumer's web cache, generate a separate list of businessesassociated with a consumer; determine for each business associated witha consumer a likelihood that the consumer has an account with abusiness; and based on the determined likelihood that each businessrepresents an account of the consumer, generate a list of accountsassociated with the consumer.
 2. The cyber-security system of claim 1,wherein the cyber-security data processing system is further configuredto: generate a list of hardware elements and software applicationsdiscovered during the scan of the consumer device; determine softwareapplication threats and hardware element vulnerabilities; generaterecommendations based on the determined software application threats andhardware element vulnerabilities; and display recommendations to theconsumer.
 3. The cyber-security system of claim 1, wherein thecyber-security account analysis system is further configured to:recommend closing accounts associated with the consumer based onsecurity recommendations, the accounts associated with the consumerdetermined based on at least one of the generated separate lists ofbusinesses associated with the consumer and the generated list of theaccounts associated with the consumer.
 4. The cyber-security system ofclaim 3, wherein the cyber-security account analysis system is furtherconfigured to: identify high risk accounts based on the securityrecommendations.
 5. The cyber-security system of claim 1, wherein thecyber-security data analysis system is further configured to: determinea digital safety score based on the generated consumer profile, thegenerated separate lists of businesses associated with the consumer, andthe generated list of accounts associated with the consumer.
 6. Thecyber-security system of claim 5, wherein the cyber-security dataprocessing system is further configured to: receive additional consumerinformation; update the generated consumer profile; and update thedetermined digital safety score based on the updated consumer profile.7. The cyber-security system of claim 1, wherein the cyber-security dataanalysis system is further configured to: determine whether an accountof the consumer has been breached; and determine whether the breach hasaffected other accounts of the consumer.
 8. The cyber-security system ofclaim 1, wherein the cyber-security data analysis system is furtherconfigured to determine a frequency the consumer accesses each accountassociated with a consumer.
 9. A method comprising: monitoring at leastone email account; determining source information for each emailcorrespondence in the monitored at least one email account; based on thedetermined source information for each email correspondence, generatinga separate list of businesses associated with a consumer; monitoring aconsumer's web browsing history information; analyzing the consumer'sweb browsing history information to determine a group of businessesassociated with a consumer; based on the analysis of the consumer's webbrowsing history information, generating a separate list of businessesassociated with a consumer; monitoring a consumer's web cache; analyzingthe consumer's web cache to determine a group of businesses associatedwith a consumer; based on the analysis of the consumer's web cache,generating a separate list of businesses associated with a consumer;determining for each business associated with a consumer a likelihoodthat the consumer has an account with a business; and based on thedetermined likelihood that each business represents an account of theconsumer, generating a list of accounts associated with the consumer.10. The method of claim 9, further comprising: recommending closingaccounts associated with consumer based on security recommendations, theaccounts associated with the consumer determined based on at least oneof the generated separate list of businesses associated with theconsumer and the generated list of the accounts associated with theconsumer.
 11. The method of claim 10, further comprising: identifyinghigh risk accounts based on the security recommendations.
 12. The methodof claim 9, further comprising: determining a digital safety score basedon the generated separate list of businesses associated with theconsumer, and the generated list of accounts associated with theconsumer.
 13. The method of claim 9, further comprising: determiningwhether an account of the consumer has been breached; and determiningwhether the breach has affected other accounts of the consumer.
 14. Themethod of claim 9, further comprising: determining a frequency theconsumer accesses each account associated with a consumer.
 15. Acyber-security system comprising a cyber-security account analysissystem and a cyber-security data processing system, wherein thecyber-security system includes: a processor; a memory unit storingcomputer-executable instructions, which when executed by the processor,cause the cyber-security data processing system to: generate a consumerprofile based on consumer information; scan a consumer device todetermine potential security threats; associate the consumer device andthe results of the scan with the generated consumer profile; wherein thecyber-security account analysis system is configured to: monitor atleast one email account; determine source information for each emailcorrespondence in the monitored at least one email account; based on thedetermined source information for each email correspondence, generate aseparate list of businesses associated with a consumer; monitor aconsumer's web browsing history information; analyze the consumer's webbrowsing history information to determine a group of businessesassociated with a consumer; based on the analysis of the consumer's webbrowsing history information, generate a separate list of businessesassociated with a consumer; monitor a consumer's web cache; analyze theconsumer's web cache to determine a group of businesses associated witha consumer; based on the analysis of the consumer's web cache, generatea separate list of businesses associated with a consumer; determine foreach business associated with consumer a likelihood the consumer has anaccount with a business; based on the determined likelihood that eachbusiness represents an account of the consumer, generate a list ofaccounts associated with the consumer; and recommend closing accountsassociated with the consumer based on security recommendations, theaccounts associated with the consumer determined based on at least oneof the generated separate list of businesses associated with theconsumer and the generated list of the accounts associated with theconsumer.
 16. The cyber-security system of claim 15, wherein securityrecommendations comprise a number of consecutive days of accountinactivity.
 17. The cyber-security system of claim 15, whereincyber-security account analysis system is further configured to: displaya hyperlink for each listed account to enable the consumer to close anaccount upon hyperlink activation.
 18. The cyber-security system ofclaim 15, wherein the cyber-security account analysis system is furtherconfigured to: identify high risk accounts based on the securityrecommendations.
 19. The cyber-security system of claim 15, wherein thecyber-security data processing system is further configured to:determine a digital safety score based on the generated consumerprofile, the generated separate list of businesses associated with theconsumer, and the generated list of accounts associated with theconsumer.
 20. The cyber-security system of claim 15, wherein thecyber-security data processing system is further configured to: receiveadditional consumer information; update the generated consumer profile;and update the determined digital safety score based on the updatedconsumer profile.